AMENDMENTS TO THE CLAIMS 



Please replace the Claims with the amended Claims attached hereto. 



Claims 

" r ' subscriber station .0 a base «k» U. a wireless portable fntemet ^ * 
method comprising: 

(a) a servie t»P= for the pasted trffic e^ryprion key » be W 
for security oo a .raffc otnnection to the base stanon prior .0 estabhsbng the 
traffic connection; 

(b) generating a Key Request message for requesting a traffic encryption key 
corresponding to the deterrrined service type; and 

acess control (MAC) message. 

^ ' 7 reconkd'.napaounaterioclodedinthaKeyRequaatn.aaaaga. 
ra/fr-*) XThe method as claimed ia claim 1*4 whenrin (he service type omrpmes a 

14! A-«;^ft H- method a, claimed la claim 3, wherein when me service type is a mulbcas. 
Tt^^^p^ofmeKey^uestmessageiaaladesanlDam^ngan 

identifier of a multat service gmup for a subscriber. 
m M Thentemod^cUimediadaimJ.^me^Wmch^ae^ngd^y 
^ J ^uestm^eusinga^-RPXJ^KeyManagemeat-R^ea.)^ 
is one of MAC messages of the IEEE 802.1 6 standard protaDl. 
161 k ■ <^J\ A method for geaetatiag and distributing a service-specific traffic eacrypnoa , key 
T t ' from a base -on to a aubscriber aarion in a wire.- *«* Interna, ays** 
the method comprising: 

(a) receiving a Key Request message from the subscriber sudion requesung the 
servfce-spedfic traffic encryption key; 

(b) analyzingtheKey Request message to detenrine a service type; 

(c) generating a traffic encryption key adding to the deterrrined sen.ee type; 

^genentf^^ 
a MAC message. 

171 L vJS method as claimed in claim 6, whemin m the s*P (b), the Key Request 
^C^^cMadcaapa^a^rda.ed^mese^^mebaae^on 



analyzing the parameter to detenrine the service type. 
[Sl/trrtU, The method as claimed in claim 6«rr, wherein the step (c) includes: 

in the case that generation of the traff* encryption key for the subscriber station 
is a failure due to the detemined service type, the base station generating a Key 
Reject message including an error axle mailing a reason of the failure and 
sending the generated Key Reject message to the subscriber station using a MAC 
message. 

mbr*JS method as claimed in claim 8, wherein the base station enters 'Unsupported 
V 7 J S ervk:e type" on the error oode and sends the error code to the subscriber station 
in the case that the traffic encryption key for a service type corresponding to a 
trafft: encryption key request of the subscriber station cannot be generated and 
distributed. 

[ 1 wLjJ) The method as claimed in claim 8, wherein the service type comprises a unicast 

' servte, a multicast service, and a broactast service. 
[1 whf 'eljTto method as claimed in claim 10, wherein the base station enters 

I T "unauthorized multicast service group ID" on the error code and sends the error 
code to the subscriber station in the case that the service type for the traffic 
encryption key requested by the subscriber station is a multicast service and 
denned as unsupported multicast servce for the specific multicast service group 
ID, because the SS is not authorized for the specific multicast service group by 
the base station. 

Tbe method as claimed in claim 8, wherein the Key Reply message and the Key 
W J Reject message are sent using a PKM-RSP (Privacy Key Management - 

Response) message that is one of MAC messages of the IEEE 802.16 standard 
protocol. 

[13]4 W V P^axM configuration method for generating and distributing a service 
( 7 1 specific traffic encryption key to be used for security on a traffic connection 

between a base station and a subscriber station in the wireless portable Internet 
system, the protocol configuration method comprising: 

(a) the subscriber station sending a Key Request message for requesting a 
service-specific traffic encryption key to the base station using a MAC message; 
and 

(b) the base station analyzing the Key Request message received from the 
subscriber station, generating the requested service-specific traffic encryption 
key, and sending a Key Reply message including the generated service-specific 



nflfc encryption key to the subscriber station using a MAC message. 
[14]( Lv^Thepro,ooo. orfgurnuon method aschumeain Cain, 13, wherein me step (a) 
' comprises: 

sending the Key Request message using a PKM-REQ message that xs one of 
x MAC messages of the IEEE 802.16 standard. 

[151 faJ)** mCth ° d " ^ h daim WhCTCin ^ ** 

* comprises: 

sending a Key Rejeet message deluding an error code recording a reason of a 
failure to the subscriber station using a MAC message in the case that generate 
of the servfce-specific encryption key is failed. 

^ * comprises: 

sending the Key Reply message and the Key Reject message using a FKM-RSP 
message that is one of MAC messages of the IEEE 802. 16 standard protocol. 
vmk%A An apparatus wirelessly connected to a base station in a wireless portable 

base station, the apparatus comprising: 

aKey Request message generator for generating a Key Request message for 

requesting the service-speri& traffic encryption key from the base station; 

a Key Request message sender for sending the Key Request message of the Key 

Request message generator to the base station using a MAC message; 

a Key Reply/Reject message receiver for receiving a Key Reply message or a 

Key Reject message from the base station using a MAC message; 

a message analyzer for analyzing the Key Reply message or the Key Reject 

message from the Key Reply/Reject message receiver to extract the traffic 

encryption key from the Key Reply message, or analyze an error type from the 

Key Reject message; and 

akey request controller for controlling operations of the Key Request message 
generator, the Key Request message sender, the Key Reply/Reject message 
receiver, and the message analyzer, and requesting the base station to allocate the 
service-specific traffic encryption key and process the traffic encryption key 
a*ording to the requested key allocation or an error code generated upon 
occurrence Q f an error as received from the base station. 

T? -Wesaservicetypeandan^ 



station when the service type is a multicast service. 
[19] The apparatus as claimed in claim 17, further comprising: 

W ^ a memory for storing information including the traffic encryption key or the 

error code resulted from an analysis of the message analyzer under the control of 
the key request controller. 
[20]4 cjJ)A* apparatus provided to a base station for generating and distributing a scrvice- 
^ 9 'spetifictraff^encryptionkeym^ 
apparatus comprising: 

a Key Request message receiver receiving a Key Request message from the 
subscriber station using a MAC message; 

a message analyzer analyzing the Key Request message of the Key Request 
message receiver to extra* information including a service type in the Key 
Request message; 

a subscriber discriminator deterrrining whether a traffic encryption key can be 
allotted to a requested service type arording to the Key Request message; 
a traffic encryption key generator generating a service-specific traffic encryption 
key analyzed by the message analyzer, 

a Key Reply message sender generating a Key Reply message including the 
traffic encryption key generated by the traffic encryption key generator 
adding to the requested service type from the subscriber station, and sending 
the generated Key Reply message to the subscriber station using a MAC 
message; and 

a key generation and distribution controller for controlling operations of the Key 
Request message receiver, the message analyzer, the subscriber diserininator, 
the traffic encryption key generator, and the Key Reply message sender to 
generate and distribnte a corresponding service-spedfc traffic encryption key 
amrding to a request for service-specific traffic encryption key refreshment 
from the subscriber station. 
[2l](f) ■ wjjm apparatus as claimed in claim 20, further comprising: 

™9 \ Key Reject message sender for sending a Key Reject message including an 
error code to the subscriber station using a MAC message under the control of 
the key generation and distribution controller in the case that the traffic 
encryption key generator generates an error for the request of the subscriber 
station. 

te apparatus as claimed in claim 20, further comprising: 




- e m *«rm ^cludinc an analysis result of the message 
a meirory for storing information including an <u y 

m ,itnfthp subscriber discrimnator under the 
analyzer and a discrimnatton result of the suoscnoe 

omnol of the key generation and distribution controller. 



